NSM Console (Network Security Monitoring Console) is a framework for performing analysis on packet capture files. It implements a modular structure that lets an analyst quickly write modules of their own without any programming language experience. Using these modules, a large amount of pcap analysis can be performed quickly using a set of global (as well as per-module) options.

For more information visit: http://thnetos.wordpress.com/nsm-console

This article is a quick example of how you can boot Backtrack 2 and Vista on the same machine. I wanted a laptop primarily for use with Backtrack 2, but since Vista came with it I figured why not have it dual-boot?

The laptop I chose is a Compaq Presario C500 (C501NR). I picked it up for $450 at a popular retailer and added 2GB of RAM for good measure. It has a 1.73Mhz Celeron M 430 processor, 80GB HDD, and a 15.4” 1280x800 resolution display. This procedure was written around this particular laptop, but of course could be adapted for use on other machines.

Recovery

First off, be sure that you have backed up any data you care about, and be sure that you have the means to restore Vista in case things go south for some reason. This system didn’t come with an OS restore disk, so I used the utility built into Vista to create the seven recovery CDs (couldn’t they spend an extra $1.00 and include an OS DVD?).

I strongly suggest that you actually boot the recovery disks and verify that they will restore (without actually doing it). In my case the recovery process booted fine, but I then got a message saying “These CD’s can not be used with this system”. Argh! I went to the on-line chat with HP/Compaq support and explained the situation. They mailed me a DVD after I explained that I was attempting to restore them to the same machine that they were created on and not trying to pirate Vista. I just wouldn’t want to find that I needed to restore later when the warranty was out, and have to go through this sometime down the road. The OS DVD arrived a few days later, and I was ready to continue with the dual boot config.

Side Note: HP/Compaq Bloatware

All of the ‘bloatware’ as I call it (free trials, annoying pop-up utilities, etc.) that comes with new Windows systems can drive a person insane. Restoring from the recovery partition (or DVD in my case) kindly re-installs these useless applications that slow your system down, get in the way, and do who knows what else. While restoring my system I was getting really annoyed at how slow these programs install, combined with the fact that I didn’t want them anyway. The system was going through what seemed like an endless cycle of install, reboot, repeat. More than a couple of hours into it, I decided that there must be a better way.

In short, I let it go through the initial couple of reboots until Vista came up for the first real time. As soon as it did, I immediately launched task manager…

Note: Also make sure the suid user (line 13) is your Mac OS X user name! This is very important. In the above screen capture you can see mine says “mephux”. Starting at line 27, we need to verify that the airport settings are entered and correct. You should see the following, and if not, please add:

A typical business network is made up of many computers, each of which represents a potential security hole for the network. As networks grow, the effort to manage these security risks grows as well. Although different vendors provide management tools specific to their products, these do little to reduce the administrative burden of managing all of the different elements of the network.

GFI LANguard offers a single, centralized solution for IT administrators to scan the computers and servers on the network to detect and resolve security threats. GFI LANguard is available both as a licensed product for larger networks, and also as a free, full-featured version for scanning up to 5 IP addresses.

INSTALLING GFI LANGUARD

In this demonstration I will walk through the installation of GFI LANguard on an administrator’s Windows XP desktop. To install GFI LANguard, download the free trial from http://www.gfi.com/lannetscan to the computer. Launch setup and step through the installation wizard. If your computer is missing the required .NET Framework 2.0, it will automatically be downloaded and installed by GFI LANguard setup.

SCANNING THE NETWORK FOR VULNERABILITIES

To scan the network for security vulnerabilities, launch the GFI LANguard console and click on Full Scan on the start page.

You can choose to scan the local computer, a single remote computer, or the entire domain/workgroup. In this example I will scan the entire domain/workgroup. Click the Scan button to begin scanning the network.

When the scan has finished click on Analyze to see details of the vulnerabilities that were discovered.

Examine any of the scanned computers to see a summary and statistics of the vulnerabilities that were discovered.

Scroll to the bottom of the results and click Remediate to begin fixing the security vulnerabilities.

FIXING SECURITY VULNERABILITIES

A remediation task that you can perform is the deployment of missing Microsoft security patches. Select the computers that you wish to deploy patches to and then click the Start button to launch the deployment.

While deploying patches in the previous task you may have noticed that the patch files needed to first be downloaded from Microsoft before they could be deployed to computers on the network. You may also have noticed that after the patches were deployed nothing else happened, such as the computers restarting. This is because of the default patch deployment settings in GFI LANguard.

GFI LANguard can be configured to perform scheduled scans and automatic remediation of missing security patches, including restarting computers to complete the installation of security updates. To achieve this we must first modify some of the default settings for GFI LANguard.

Just when you thought you’d seen all of the finest Linux-based Live CD security distros available, a clean, comprehensive, and very usable solution pops onto the scene from the fine folks at the Open Web Application Security Project (OWASP). In conjunction with some sponsoring security organizations, OWASP has produced a strong offering in the OWASP AOC LiveCD distribution, version 0.10 (known also as "LabRat") that is worth a serious look if you are seeking a fantastic LiveCD security-oriented distribution.

The OWASP LiveCD is a Debian-flavored distro based on Morphix built around a rich assemblage of applications and documentation, and with a goal of providing security professionals and students an ideal platform for structured and standardized application security testing. The system even offers a series of tests which can be performed by "hacking" the included WebGoat J2EE application simulator according to the well-structured guides.

Some of the major security testing applications available in LabRat include:

This guide further introduces the OWASP LiveCD (LabRat) distribution, details installing to a hard disk drive, and updating the included applications and operating system components. If you’re ready to try this excellent security distribution, grab a machine, a bit of bandwidth, and let’s go!

A2 Downloading LabRat

Once you’ve provisioned a test machine, you need to download the LabRat ISO from the OWASP project website. Retrieve the ISO from the following URL: